-
Notifications
You must be signed in to change notification settings - Fork 3
ui5/webcomponents-react FP improvements for OOTB queries #244
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
knewbury01
wants to merge
25
commits into
main
Choose a base branch
from
knewbury01/webcomponent-react
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
+19,114
−0
Open
Changes from all commits
Commits
Show all changes
25 commits
Select commit
Hold shift + click to select a range
56bc60e
Add test cases ui5/webcomponents-react explore
knewbury01 4c2351f
Add event target value source to test cases
knewbury01 7a51865
Fix test case to include previously missing handler
knewbury01 3ca167d
Update test cases inline docs and test case and expected result
knewbury01 f75efea
Add sinks to unit test
knewbury01 b16ebdc
add missing expected test file
knewbury01 111e72c
Add a minimal XSS example involving `Input` and `dangerouslySetInnerH…
jeongsoolee09 f005044
Merge branch 'knewbury01/webcomponent-react' of github.com:advanced-s…
jeongsoolee09 c1fdac0
Add documentation to trigger XSS
jeongsoolee09 83d77fa
Add test setup (temp) for xss-input-dangerouslySetInnerHTML
knewbury01 1951360
Update app sample to use ui5-webcomponents-react lib
knewbury01 0ea8246
Add extra test cases to ui5 webcomponents for react and arrange model…
knewbury01 001ed58
Cleanup old testing that is no longer needed
knewbury01 1f04231
Merge branch 'main' into knewbury01/webcomponent-react
knewbury01 881e5f9
move qlpack.yml
mbaluda ca1cb51
Revert "move qlpack.yml"
mbaluda 72ef18e
Update javascript/frameworks/ui5-webcomponents/test/queries/xss-input…
data-douser b504429
Merge branch 'main' into knewbury01/webcomponent-react
data-douser 1a1dea5
Merge branch 'main' into knewbury01/webcomponent-react
data-douser 618fb03
Fix test pack yml location
knewbury01 c43c54f
Merge branch 'knewbury01/webcomponent-react' of https://github.com/ad…
knewbury01 6781bb2
Improve documentation on app and query tests for webcomponents for react
knewbury01 a9b572a
Add module level documentation to ui5/Sanitizers.qll
knewbury01 e2d66e4
Add missing components to sanitize for ui5-webcomponents-react
knewbury01 a24d844
Address review comments
knewbury01 File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
30 changes: 30 additions & 0 deletions
30
javascript/frameworks/ui5-webcomponents/test/codeql-pack.lock.yml
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| --- | ||
| lockVersion: 1.0.0 | ||
| dependencies: | ||
| codeql/concepts: | ||
| version: 0.0.7 | ||
| codeql/controlflow: | ||
| version: 2.0.17 | ||
| codeql/dataflow: | ||
| version: 2.0.17 | ||
| codeql/javascript-all: | ||
| version: 2.6.13 | ||
| codeql/mad: | ||
| version: 1.0.33 | ||
| codeql/regex: | ||
| version: 1.0.33 | ||
| codeql/ssa: | ||
| version: 2.0.9 | ||
| codeql/threat-models: | ||
| version: 1.0.33 | ||
| codeql/tutorial: | ||
| version: 1.0.33 | ||
| codeql/typetracking: | ||
| version: 2.0.17 | ||
| codeql/util: | ||
| version: 2.0.20 | ||
| codeql/xml: | ||
| version: 1.0.33 | ||
| codeql/yaml: | ||
| version: 1.0.33 | ||
| compiled: false |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| name: advanced-security/javascript-sap-ui5-webcomponents-for-react-test | ||
| version: 2.3.0 | ||
| extractor: javascript | ||
| dependencies: | ||
| codeql/javascript-all: "^2.4.0" | ||
| advanced-security/javascript-sap-ui5-all: "^2.3.0" | ||
8 changes: 8 additions & 0 deletions
8
...rameworks/ui5-webcomponents/test/queries/xss-input-dangerouslySetInnerHTML/.eslintrc.json
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| { | ||
| "env": { | ||
| "browser": true, | ||
| "es6": true, | ||
| "node": true | ||
| }, | ||
| "extends": "react-app" | ||
| } |
9 changes: 9 additions & 0 deletions
9
...orks/ui5-webcomponents/test/queries/xss-input-dangerouslySetInnerHTML/README.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| # Minimal Demo Example of XSS in UI5-Webcomponents for React | ||
|
|
||
| This is a minimal example to demonstrate how XSS might happen in an application written with [UI5-Webcomponents for React](https://ui5.github.io/webcomponents-react/). | ||
|
|
||
| ## Steps to trigger XSS | ||
|
|
||
| 1. `npm install` and `npm start`, navigate to `localhost:3000` | ||
| 2. Input `<img src="nonexistent.jpg" onerror="alert('xss')"/>` in the [`Input` component](https://ui5.github.io/webcomponents/components/Input/) | ||
|
|
114 changes: 114 additions & 0 deletions
114
...s/ui5-webcomponents/test/queries/xss-input-dangerouslySetInnerHTML/XssThroughDom.expected
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,114 @@ | ||
| edges | ||
| | src/App.tsx:7:10:7:19 | inputValue | src/App.tsx:7:10:7:19 | inputValue | provenance | | | ||
| | src/App.tsx:7:10:7:19 | inputValue | src/App.tsx:537:46:537:55 | inputValue | provenance | | | ||
| | src/App.tsx:11:28:11:50 | inputRe ... ?.value | src/App.tsx:11:28:11:56 | inputRe ... e \|\| "" | provenance | | | ||
| | src/App.tsx:11:28:11:56 | inputRe ... e \|\| "" | src/App.tsx:7:10:7:19 | inputValue | provenance | | | ||
| | src/App.tsx:23:10:23:22 | textAreaValue | src/App.tsx:23:10:23:22 | textAreaValue | provenance | | | ||
| | src/App.tsx:23:10:23:22 | textAreaValue | src/App.tsx:538:46:538:58 | textAreaValue | provenance | | | ||
| | src/App.tsx:27:31:27:56 | textAre ... ?.value | src/App.tsx:27:31:27:62 | textAre ... e \|\| "" | provenance | | | ||
| | src/App.tsx:27:31:27:62 | textAre ... e \|\| "" | src/App.tsx:23:10:23:22 | textAreaValue | provenance | | | ||
| | src/App.tsx:39:10:39:20 | searchValue | src/App.tsx:39:10:39:20 | searchValue | provenance | | | ||
| | src/App.tsx:39:10:39:20 | searchValue | src/App.tsx:539:46:539:56 | searchValue | provenance | | | ||
| | src/App.tsx:43:29:43:52 | searchR ... ?.value | src/App.tsx:43:29:43:58 | searchR ... e \|\| "" | provenance | | | ||
| | src/App.tsx:43:29:43:58 | searchR ... e \|\| "" | src/App.tsx:39:10:39:20 | searchValue | provenance | | | ||
| | src/App.tsx:55:10:55:28 | shellBarSearchValue | src/App.tsx:55:10:55:28 | shellBarSearchValue | provenance | | | ||
| | src/App.tsx:55:10:55:28 | shellBarSearchValue | src/App.tsx:540:46:540:64 | shellBarSearchValue | provenance | | | ||
| | src/App.tsx:59:37:59:68 | shellBa ... ?.value | src/App.tsx:59:37:59:74 | shellBa ... e \|\| "" | provenance | | | ||
| | src/App.tsx:59:37:59:74 | shellBa ... e \|\| "" | src/App.tsx:55:10:55:28 | shellBarSearchValue | provenance | | | ||
| | src/App.tsx:71:10:71:22 | comboBoxValue | src/App.tsx:71:10:71:22 | comboBoxValue | provenance | | | ||
| | src/App.tsx:71:10:71:22 | comboBoxValue | src/App.tsx:541:46:541:58 | comboBoxValue | provenance | | | ||
| | src/App.tsx:75:31:75:56 | comboBo ... ?.value | src/App.tsx:75:31:75:62 | comboBo ... e \|\| "" | provenance | | | ||
| | src/App.tsx:75:31:75:62 | comboBo ... e \|\| "" | src/App.tsx:71:10:71:22 | comboBoxValue | provenance | | | ||
| | src/App.tsx:119:10:119:24 | datePickerValue | src/App.tsx:119:10:119:24 | datePickerValue | provenance | | | ||
| | src/App.tsx:119:10:119:24 | datePickerValue | src/App.tsx:544:46:544:60 | datePickerValue | provenance | | | ||
| | src/App.tsx:123:33:123:60 | datePic ... ?.value | src/App.tsx:123:33:123:66 | datePic ... e \|\| "" | provenance | | | ||
| | src/App.tsx:123:33:123:66 | datePic ... e \|\| "" | src/App.tsx:119:10:119:24 | datePickerValue | provenance | | | ||
| | src/App.tsx:135:10:135:29 | dateRangePickerValue | src/App.tsx:135:10:135:29 | dateRangePickerValue | provenance | | | ||
| | src/App.tsx:135:10:135:29 | dateRangePickerValue | src/App.tsx:545:46:545:65 | dateRangePickerValue | provenance | | | ||
| | src/App.tsx:139:38:139:70 | dateRan ... ?.value | src/App.tsx:139:38:139:76 | dateRan ... e \|\| "" | provenance | | | ||
| | src/App.tsx:139:38:139:76 | dateRan ... e \|\| "" | src/App.tsx:135:10:135:29 | dateRangePickerValue | provenance | | | ||
| | src/App.tsx:151:10:151:28 | dateTimePickerValue | src/App.tsx:151:10:151:28 | dateTimePickerValue | provenance | | | ||
| | src/App.tsx:151:10:151:28 | dateTimePickerValue | src/App.tsx:546:46:546:64 | dateTimePickerValue | provenance | | | ||
| | src/App.tsx:155:37:155:68 | dateTim ... ?.value | src/App.tsx:155:37:155:74 | dateTim ... e \|\| "" | provenance | | | ||
| | src/App.tsx:155:37:155:74 | dateTim ... e \|\| "" | src/App.tsx:151:10:151:28 | dateTimePickerValue | provenance | | | ||
| | src/App.tsx:167:10:167:24 | timePickerValue | src/App.tsx:167:10:167:24 | timePickerValue | provenance | | | ||
| | src/App.tsx:167:10:167:24 | timePickerValue | src/App.tsx:547:46:547:60 | timePickerValue | provenance | | | ||
| | src/App.tsx:171:33:171:60 | timePic ... ?.value | src/App.tsx:171:33:171:66 | timePic ... e \|\| "" | provenance | | | ||
| | src/App.tsx:171:33:171:66 | timePic ... e \|\| "" | src/App.tsx:167:10:167:24 | timePickerValue | provenance | | | ||
| | src/App.tsx:295:10:295:20 | optionValue | src/App.tsx:295:10:295:20 | optionValue | provenance | | | ||
| | src/App.tsx:295:10:295:20 | optionValue | src/App.tsx:555:46:555:56 | optionValue | provenance | | | ||
| | src/App.tsx:299:29:299:52 | optionR ... ?.value | src/App.tsx:299:29:299:58 | optionR ... e \|\| "" | provenance | | | ||
| | src/App.tsx:299:29:299:58 | optionR ... e \|\| "" | src/App.tsx:295:10:295:20 | optionValue | provenance | | | ||
| | src/App.tsx:311:10:311:26 | optionCustomValue | src/App.tsx:311:10:311:26 | optionCustomValue | provenance | | | ||
| | src/App.tsx:311:10:311:26 | optionCustomValue | src/App.tsx:556:46:556:62 | optionCustomValue | provenance | | | ||
| | src/App.tsx:315:35:315:64 | optionC ... ?.value | src/App.tsx:315:35:315:70 | optionC ... e \|\| "" | provenance | | | ||
| | src/App.tsx:315:35:315:70 | optionC ... e \|\| "" | src/App.tsx:311:10:311:26 | optionCustomValue | provenance | | | ||
| nodes | ||
| | src/App.tsx:7:10:7:19 | inputValue | semmle.label | inputValue | | ||
| | src/App.tsx:7:10:7:19 | inputValue | semmle.label | inputValue | | ||
| | src/App.tsx:11:28:11:50 | inputRe ... ?.value | semmle.label | inputRe ... ?.value | | ||
| | src/App.tsx:11:28:11:56 | inputRe ... e \|\| "" | semmle.label | inputRe ... e \|\| "" | | ||
| | src/App.tsx:23:10:23:22 | textAreaValue | semmle.label | textAreaValue | | ||
| | src/App.tsx:23:10:23:22 | textAreaValue | semmle.label | textAreaValue | | ||
| | src/App.tsx:27:31:27:56 | textAre ... ?.value | semmle.label | textAre ... ?.value | | ||
| | src/App.tsx:27:31:27:62 | textAre ... e \|\| "" | semmle.label | textAre ... e \|\| "" | | ||
| | src/App.tsx:39:10:39:20 | searchValue | semmle.label | searchValue | | ||
| | src/App.tsx:39:10:39:20 | searchValue | semmle.label | searchValue | | ||
| | src/App.tsx:43:29:43:52 | searchR ... ?.value | semmle.label | searchR ... ?.value | | ||
| | src/App.tsx:43:29:43:58 | searchR ... e \|\| "" | semmle.label | searchR ... e \|\| "" | | ||
| | src/App.tsx:55:10:55:28 | shellBarSearchValue | semmle.label | shellBarSearchValue | | ||
| | src/App.tsx:55:10:55:28 | shellBarSearchValue | semmle.label | shellBarSearchValue | | ||
| | src/App.tsx:59:37:59:68 | shellBa ... ?.value | semmle.label | shellBa ... ?.value | | ||
| | src/App.tsx:59:37:59:74 | shellBa ... e \|\| "" | semmle.label | shellBa ... e \|\| "" | | ||
| | src/App.tsx:71:10:71:22 | comboBoxValue | semmle.label | comboBoxValue | | ||
| | src/App.tsx:71:10:71:22 | comboBoxValue | semmle.label | comboBoxValue | | ||
| | src/App.tsx:75:31:75:56 | comboBo ... ?.value | semmle.label | comboBo ... ?.value | | ||
| | src/App.tsx:75:31:75:62 | comboBo ... e \|\| "" | semmle.label | comboBo ... e \|\| "" | | ||
| | src/App.tsx:119:10:119:24 | datePickerValue | semmle.label | datePickerValue | | ||
| | src/App.tsx:119:10:119:24 | datePickerValue | semmle.label | datePickerValue | | ||
| | src/App.tsx:123:33:123:60 | datePic ... ?.value | semmle.label | datePic ... ?.value | | ||
| | src/App.tsx:123:33:123:66 | datePic ... e \|\| "" | semmle.label | datePic ... e \|\| "" | | ||
| | src/App.tsx:135:10:135:29 | dateRangePickerValue | semmle.label | dateRangePickerValue | | ||
| | src/App.tsx:135:10:135:29 | dateRangePickerValue | semmle.label | dateRangePickerValue | | ||
| | src/App.tsx:139:38:139:70 | dateRan ... ?.value | semmle.label | dateRan ... ?.value | | ||
| | src/App.tsx:139:38:139:76 | dateRan ... e \|\| "" | semmle.label | dateRan ... e \|\| "" | | ||
| | src/App.tsx:151:10:151:28 | dateTimePickerValue | semmle.label | dateTimePickerValue | | ||
| | src/App.tsx:151:10:151:28 | dateTimePickerValue | semmle.label | dateTimePickerValue | | ||
| | src/App.tsx:155:37:155:68 | dateTim ... ?.value | semmle.label | dateTim ... ?.value | | ||
| | src/App.tsx:155:37:155:74 | dateTim ... e \|\| "" | semmle.label | dateTim ... e \|\| "" | | ||
| | src/App.tsx:167:10:167:24 | timePickerValue | semmle.label | timePickerValue | | ||
| | src/App.tsx:167:10:167:24 | timePickerValue | semmle.label | timePickerValue | | ||
| | src/App.tsx:171:33:171:60 | timePic ... ?.value | semmle.label | timePic ... ?.value | | ||
| | src/App.tsx:171:33:171:66 | timePic ... e \|\| "" | semmle.label | timePic ... e \|\| "" | | ||
| | src/App.tsx:295:10:295:20 | optionValue | semmle.label | optionValue | | ||
| | src/App.tsx:295:10:295:20 | optionValue | semmle.label | optionValue | | ||
| | src/App.tsx:299:29:299:52 | optionR ... ?.value | semmle.label | optionR ... ?.value | | ||
| | src/App.tsx:299:29:299:58 | optionR ... e \|\| "" | semmle.label | optionR ... e \|\| "" | | ||
| | src/App.tsx:311:10:311:26 | optionCustomValue | semmle.label | optionCustomValue | | ||
| | src/App.tsx:311:10:311:26 | optionCustomValue | semmle.label | optionCustomValue | | ||
| | src/App.tsx:315:35:315:64 | optionC ... ?.value | semmle.label | optionC ... ?.value | | ||
| | src/App.tsx:315:35:315:70 | optionC ... e \|\| "" | semmle.label | optionC ... e \|\| "" | | ||
| | src/App.tsx:537:46:537:55 | inputValue | semmle.label | inputValue | | ||
| | src/App.tsx:538:46:538:58 | textAreaValue | semmle.label | textAreaValue | | ||
| | src/App.tsx:539:46:539:56 | searchValue | semmle.label | searchValue | | ||
| | src/App.tsx:540:46:540:64 | shellBarSearchValue | semmle.label | shellBarSearchValue | | ||
| | src/App.tsx:541:46:541:58 | comboBoxValue | semmle.label | comboBoxValue | | ||
| | src/App.tsx:544:46:544:60 | datePickerValue | semmle.label | datePickerValue | | ||
| | src/App.tsx:545:46:545:65 | dateRangePickerValue | semmle.label | dateRangePickerValue | | ||
| | src/App.tsx:546:46:546:64 | dateTimePickerValue | semmle.label | dateTimePickerValue | | ||
| | src/App.tsx:547:46:547:60 | timePickerValue | semmle.label | timePickerValue | | ||
| | src/App.tsx:555:46:555:56 | optionValue | semmle.label | optionValue | | ||
| | src/App.tsx:556:46:556:62 | optionCustomValue | semmle.label | optionCustomValue | | ||
| subpaths | ||
| #select | ||
| | src/App.tsx:537:46:537:55 | inputValue | src/App.tsx:11:28:11:50 | inputRe ... ?.value | src/App.tsx:537:46:537:55 | inputValue | $@ is reinterpreted as HTML without escaping meta-characters. | src/App.tsx:11:28:11:50 | inputRe ... ?.value | DOM text | | ||
| | src/App.tsx:538:46:538:58 | textAreaValue | src/App.tsx:27:31:27:56 | textAre ... ?.value | src/App.tsx:538:46:538:58 | textAreaValue | $@ is reinterpreted as HTML without escaping meta-characters. | src/App.tsx:27:31:27:56 | textAre ... ?.value | DOM text | | ||
| | src/App.tsx:539:46:539:56 | searchValue | src/App.tsx:43:29:43:52 | searchR ... ?.value | src/App.tsx:539:46:539:56 | searchValue | $@ is reinterpreted as HTML without escaping meta-characters. | src/App.tsx:43:29:43:52 | searchR ... ?.value | DOM text | | ||
| | src/App.tsx:540:46:540:64 | shellBarSearchValue | src/App.tsx:59:37:59:68 | shellBa ... ?.value | src/App.tsx:540:46:540:64 | shellBarSearchValue | $@ is reinterpreted as HTML without escaping meta-characters. | src/App.tsx:59:37:59:68 | shellBa ... ?.value | DOM text | | ||
| | src/App.tsx:541:46:541:58 | comboBoxValue | src/App.tsx:75:31:75:56 | comboBo ... ?.value | src/App.tsx:541:46:541:58 | comboBoxValue | $@ is reinterpreted as HTML without escaping meta-characters. | src/App.tsx:75:31:75:56 | comboBo ... ?.value | DOM text | | ||
| | src/App.tsx:544:46:544:60 | datePickerValue | src/App.tsx:123:33:123:60 | datePic ... ?.value | src/App.tsx:544:46:544:60 | datePickerValue | $@ is reinterpreted as HTML without escaping meta-characters. | src/App.tsx:123:33:123:60 | datePic ... ?.value | DOM text | | ||
| | src/App.tsx:545:46:545:65 | dateRangePickerValue | src/App.tsx:139:38:139:70 | dateRan ... ?.value | src/App.tsx:545:46:545:65 | dateRangePickerValue | $@ is reinterpreted as HTML without escaping meta-characters. | src/App.tsx:139:38:139:70 | dateRan ... ?.value | DOM text | | ||
| | src/App.tsx:546:46:546:64 | dateTimePickerValue | src/App.tsx:155:37:155:68 | dateTim ... ?.value | src/App.tsx:546:46:546:64 | dateTimePickerValue | $@ is reinterpreted as HTML without escaping meta-characters. | src/App.tsx:155:37:155:68 | dateTim ... ?.value | DOM text | | ||
| | src/App.tsx:547:46:547:60 | timePickerValue | src/App.tsx:171:33:171:60 | timePic ... ?.value | src/App.tsx:547:46:547:60 | timePickerValue | $@ is reinterpreted as HTML without escaping meta-characters. | src/App.tsx:171:33:171:60 | timePic ... ?.value | DOM text | | ||
| | src/App.tsx:555:46:555:56 | optionValue | src/App.tsx:299:29:299:52 | optionR ... ?.value | src/App.tsx:555:46:555:56 | optionValue | $@ is reinterpreted as HTML without escaping meta-characters. | src/App.tsx:299:29:299:52 | optionR ... ?.value | DOM text | | ||
| | src/App.tsx:556:46:556:62 | optionCustomValue | src/App.tsx:315:35:315:64 | optionC ... ?.value | src/App.tsx:556:46:556:62 | optionCustomValue | $@ is reinterpreted as HTML without escaping meta-characters. | src/App.tsx:315:35:315:64 | optionC ... ?.value | DOM text | |
31 changes: 31 additions & 0 deletions
31
...meworks/ui5-webcomponents/test/queries/xss-input-dangerouslySetInnerHTML/XssThroughDom.ql
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| /** | ||
| * @name DOM text reinterpreted as HTML | ||
| * @description Reinterpreting text from the DOM as HTML | ||
| * can lead to a cross-site scripting vulnerability. | ||
| * @kind path-problem | ||
| * @problem.severity warning | ||
| * @security-severity 6.1 | ||
| * @precision high | ||
| * @id js/xss-through-dom | ||
| * @tags security | ||
| * external/cwe/cwe-079 | ||
| * external/cwe/cwe-116 | ||
| */ | ||
|
|
||
| /* | ||
| * This file is an exact copy of - https://github.com/github/codeql/blob/main/javascript/ql/src/Security/CWE-079/XssThroughDom.ql | ||
| * replicated at commit sha: 7b6720c , included for testing purposes only. | ||
| * Its purpose is to test the use of customizations to filter results via the sanitizers. | ||
| */ | ||
|
|
||
| import javascript | ||
| import semmle.javascript.security.dataflow.XssThroughDomQuery | ||
| import XssThroughDomFlow::PathGraph | ||
| import advanced_security.javascript_sap_ui5_all.Customizations | ||
|
|
||
| from XssThroughDomFlow::PathNode source, XssThroughDomFlow::PathNode sink | ||
| where | ||
| XssThroughDomFlow::flowPath(source, sink) and | ||
| not isIgnoredSourceSinkPair(source.getNode(), sink.getNode()) | ||
| select sink.getNode(), source, sink, | ||
| "$@ is reinterpreted as HTML without escaping meta-characters.", source.getNode(), "DOM text" |
1 change: 1 addition & 0 deletions
1
...orks/ui5-webcomponents/test/queries/xss-input-dangerouslySetInnerHTML/XssThroughDom.qlref
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| XssThroughDom.ql |
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.